Short: Windows 7 RTM auto-elevate white list

committed to database on September 27, 2009 at 9:48 am Eastern Standard Time 5 comments digg this

UAC shield, protecting you from bad programs... I received a bunch requests to update the auto-elevate list from May, so here it is. There’s no change from the RC list.

  • \Windows\ehome\Mcx2Prov.exe
  • \Windows\System32\AdapterTroubleshooter.exe
  • \Windows\System32\appinfo.dll
  • \Windows\System32\BitLockerWizardElev.exe
  • \Windows\System32\bthudtask.exe
  • \Windows\System32\chkntfs.exe
  • \Windows\System32\cleanmgr.exe
  • \Windows\System32\cliconfg.exe
  • \Windows\System32\CompMgmtLauncher.exe
  • \Windows\System32\ComputerDefaults.exe
  • \Windows\System32\dccw.exe
  • \Windows\System32\dcomcnfg.exe
  • \Windows\System32\DeviceEject.exe
  • \Windows\System32\DeviceProperties.exe
  • \Windows\System32\dfrgui.exe
  • \Windows\System32\djoin.exe
  • \Windows\System32\eudcedit.exe
  • \Windows\System32\eventvwr.exe
  • \Windows\System32\fsquirt.exe
  • \Windows\System32\FXSUNATD.exe
  • \Windows\System32\hdwwiz.exe
  • \Windows\System32\ieUnatt.exe
  • \Windows\System32\iscsicli.exe
  • \Windows\System32\iscsicpl.exe
  • \Windows\System32\lpksetup.exe
  • \Windows\System32\MdSched.exe
  • \Windows\System32\msconfig.exe
  • \Windows\System32\msdt.exe
  • \Windows\System32\msra.exe
  • \Windows\System32\MultiDigiMon.exe
  • \Windows\System32\Netplwiz.exe
  • \Windows\System32\newdev.exe
  • \Windows\System32\ntprint.exe
  • \Windows\System32\ocsetup.exe
  • \Windows\System32\odbcad32.exe
  • \Windows\System32\OptionalFeatures.exe
  • \Windows\System32\perfmon.exe
  • \Windows\System32\printui.exe
  • \Windows\System32\rdpshell.exe
  • \Windows\System32\recdisc.exe
  • \Windows\System32\rrinstaller.exe
  • \Windows\System32\rstrui.exe
  • \Windows\System32\sdbinst.exe
  • \Windows\System32\sdclt.exe
  • \Windows\System32\shrpubw.exe
  • \Windows\System32\slui.exe
  • \Windows\System32\SndVol.exe
  • \Windows\System32\spinstall.exe
  • \Windows\System32\SystemPropertiesAdvanced.exe
  • \Windows\System32\SystemPropertiesComputerName.exe
  • \Windows\System32\SystemPropertiesDataExecutionPrevention.exe
  • \Windows\System32\SystemPropertiesHardware.exe
  • \Windows\System32\SystemPropertiesPerformance.exe
  • \Windows\System32\SystemPropertiesProtection.exe
  • \Windows\System32\SystemPropertiesRemote.exe
  • \Windows\System32\taskmgr.exe
  • \Windows\System32\tcmsetup.exe
  • \Windows\System32\TpmInit.exe
  • \Windows\System32\verifier.exe
  • \Windows\System32\wisptis.exe
  • \Windows\System32\wusa.exe
  • \Windows\System32\DriverStore\FileRepository\bth.inf_amd64_neutral_a1e8f56d586ec10b\fsquirt.exe
  • \Windows\System32\oobe\setupsqm.exe
  • \Windows\System32\sysprep\sysprep.exe
  1. spud September 27, 2009 at 7:39 pm

    nice how msconfig is on the list, then you can go to tools and run an admin cmd prompt without any uac prompt
    child processes need to check uac imo

  2. Jonathan September 27, 2009 at 8:07 pm

    spud’s right…there should have been a distinction between user-approved elevation and auto-elevation. User-approved elevated processes should be allowed to spawn child processes without a UAC prompt, while auto-elevated processes should trigger a UAC prompt when they try to spawn child processes.

  3. Anthony Castanza September 27, 2009 at 10:55 pm

    Same deal with regedit… msconfig is way too powerful (especially the access from the tools tab) to be allowed that kind of elevation.

  4. asf September 28, 2009 at 4:52 am

    This should not come as a surprise, we all know the 7 UAC was tweaked bcuz of the Vista bitching, for people that care about security, just turn UAC all the way up.

  5. jgoto September 28, 2009 at 7:28 pm

    @asf

    I agree. Turn up UAC back to the Vista levels and have peace of mind.

Copyright(c), left, top, and bottom.
Powered by WordPress, skinned by me, with ideas stolen from Long Zheng.
RSS is fed through machines that also process peanuts and chocolate, making it much tastier.
Works on mobile devices too!